Secunia
Login
|
|
CVE Reference: CVE-2010-0302 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2010-0302 |
|
|
Description: Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553. |
|
|
CVE Status: Candidate |
|
|
References: UBUNTU http://www.ubuntu.com/usn/USN-906-1 ST 1024124 SAID Secunia Advisory: SA38927 Secunia Advisory: SA38979 Secunia Advisory: SA38785 Secunia Advisory: SA40220 REDHAT OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11216 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2010:073 GENTOO http://security.gentoo.org/glsa/glsa-201207-10.xml FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037174.html CONFIRM http://cups.org/articles.php?L596 http://cups.org/str.php?L3490 http://support.apple.com/kb/HT4188 BID 38510 APPLE http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html |
|
| Return to the previous page. |
